1036 Open source projects that are alternatives of or similar to Nightingale

List of every possible vulnerabilities in computer security.

Next generation web scanner

Awesome Vulnerable Applications

Everything needed for doing CTFs

This script will you help to find the information about the website and to help in penetrating testing

network reconnaissance toolkit

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Hacking Toolkit

Tool Information Gathering & social engineering Write By [Python,JS,PHP]

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

🌔 Official Repository for DarkSpiritz Penetration Framework | Written in Python 🐍

SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Go library for credentials recovery

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍

Security Tool to Look For Interesting Files in S3 Buckets

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

🔑 Hash type identifier (CLI & lib)

Forward shell generation framework

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A fast web directory/file enumeration tool written in Rust

Multi OTP Spam Amp/Paralell threads

Intentionally vulnerable Android application.

Pentesting suite for Maltego based on data in a Metasploit database

Boxer: A fast directory bruteforce tool written in Python with concurrency.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Automated NoSQL database enumeration and web application exploitation tool.

Domain name permutation engine written in Go

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

🔐 Docker Container for Penetration Testing & Security

备考 OSCP 的各种干货资料/渗透测试干货资料

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

Quick SQL Scanner, Dorker, Webshell injector PHP

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

The LAZY script will make your life easier, and of course faster.

Awesome hacking is an awesome collection of hacking tools.

Work in progress...

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.

A Collection of Notes, Methodologies, POCs and everything else related to Bug Hunting.

Related subdomains finder

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

Extract endpoints marked as disallow in robots files to generate wordlists.

PowerShell payload generator

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

Host Header Injection Checker

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

🔄 A collection of mitmproxy inline scripts

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.